<?php if ( ! defined('BASEPATH')) exit ('No direct script access allowed');

class login extends CI_Controller {
	
	//login page
	function index(){
		$data['redirect'] = $this ->input->get_post('redirect');   //get redirect parameter
		
		$data['FailToLogin']=false;
   	  	$data['error_msg'] = "";
		$this -> load -> view('login_view', $data);
	}
	
	
	function test(){
	}
	
	function test2(){
		UnsetLoginInfo(SYS_USERID, true, true);
		echo SYS_USERID . "cookie has been removed.";
	}
	// forgot password
	function forgotPassword(){
		$this->load-> view('forgotpwd_step1');
	}
	
	//forgot password step2 -- retrive password
	function forgotPassword_step2(){
		$Username = trim($this -> input -> get_post('username'));
		$Email = trim($this->input-> get_post('email'));
		//echo "username=" . $Username . ", email=" . $Email . "<br>";
		
		$this ->load->model('register_model');		
		$msg = $this->register_model->username_emailCheck($Username, $Email);   //send out password resetting email
		if ($msg=='success'){
			$this -> load ->view('forgotpwd_step2');   //sent out email  page
		}
		else{
			ErrorMsg($msg);   //go to error page
		}
	}
	
	//go to reset password page
	function resetPassword(){
		$Code = $this ->input->get_post('code');
		
		$this ->load->model('register_model');
		$result = $this->register_model->resetPassword($Code);   //reset password
		$msg = $result[0];   //get error message and user id from returned result
		$userid = $result[1];
		if ($msg=='success'){
			$this ->session ->set_userdata('resetpassword' . md5($userid), $userid);   //save user id into session
			$data['md5_userid'] = md5($userid);        //encript userid and pass it to reset page
			$this -> load ->view('forgotpwd_step3', $data);   //reset password page
		}
		else {
			ErrorMsg($msg);   //go to error page
		}
	}
	
	//change a new password
	function changeNewPassword(){
		$newpwd = $this->input->get_post('FPassword');   
		$md5userid = $this->input->get_post('userid');		
		$myuserid = $this->session->userdata('resetpassword' . $md5userid);   //get userid from session
		
		if (strlen($newpwd)<=0){
			ErrorMsg('密码不可以为空!');
		}
		elseif (strlen($md5userid)<=0){
			ErrorMsg('读取用户信息(UserId)错误!');
		}
		elseif(!isset($myuserid)){  //user id session is not avaliable
           ErrorMsg('Session已过期间或找不到, 请重新设定密码, 并在两个小时内输入新密码.'); 
		}	
		elseif ($md5userid!=md5($myuserid)){   //check if password a valid
           ErrorMsg('网页数据被改动, 请重新设定密码.');
		}
		else {  //reset password
			$this->session->unset_userdata('resetpassword' . $md5userid);   //unset session
			
			$SQLStr = "Update tb_user Set password = ? Where id = ?";
			$data = array(md5($newpwd), $myuserid);
			$this->db->query($SQLStr, $data);   //reset user pasword
			
			$this -> load ->view('forgotpwd_step4');   //successfully reset password 					
		}
	}
	
   //verify if userid and password are valid
   function verifylogin(){
   	  $Username =  strtolower(trim($this ->input-> get_post("userName")));
   	  $Password = $this ->input->get_post("password");
   	  $Code = $this ->input ->get_post("loginCode");
	  $EnableCookie = $this ->input ->get_post("RememberMe") == 'checked';
   	  
   	  
   	  if (strlen($Username)<=0 || strlen($Password)<=0){
  	 	$data['FailToLogin']=true;
  	 	$data['error_msg'] = "用户名或密码不能为空";
  	 	$this->load->view('login_view', $data);
   	  }
   	  elseif (strlen($Code)<=0) {
  	 	$data['FailToLogin']=true;
  	 	$data['error_msg'] = "认证码不能为空";
  	 	$this->load->view('login_view', $data);
   	  } 
   	  else {
   	  	 $this -> load -> model("register_model");   //load model
   	  	 
   	  	 if (!$this -> register_model -> isCodeValid($Code)){
   	  	 	$data['FailToLogin']=true;
   	  	 	$data['error_msg'] = "验证码错误, 请重新输入";
   	  	 	$this->load->view('login_view', $data);
   	  	 }
   	  	 else {
   	  	 	    $result = $this ->register_model -> verifyLogin($Username, $Password);   //check login information 
     	  	    if ($result[0]){   //login success
     	  	        SetLoginInfo($Username, $EnableCookie);   //set session and cookie
     	  	        redirect(MYQIQU_PAGE()) ;    //go to my qiqu page
     	  	        //echo "User ". $Username . " logged in. with " 	
   	     	    }
   	  	        else{  //user's name or password are wrong
   	  	 	        $data['FailToLogin']=true;
   	  	 	        $data['error_msg'] = $result[1];
   	  	  	        $this->load->view('login_view', $data);
   	  	        }
   	  	 }
   	  }
   }

//logoff from system
function logoff(){
	UnsetLoginInfo(true,true);   //unset cookie and session information
	$this->index();
}
	
	
}